Caution
i used both the bcdedit /set testsigning on method and regedit because i had some errors.
and i got "your device ran into a problem" which is not really good, i did not get any other info...
and i dont really know, but disabling driver signature enforcement in windows is common, and detected by most anticheats. so i dont know if the current approach is good.
also i need to fix the driver. so please, dont use it
im NOT responsible for what u do with this. u fuck up ur pc or get banned thats on u.
built while learning windows kernel and low level c
simple kernel driver that reads and writes memory of any process.
my own learning project. and definitely not beginner friendly. if u need hand holding dont touch this.
- read process memory
- write process memory
- get process by name
- ring 0 access
- works with kdmapper
- windows 10 or 11
- visual studio 2022
- wdk
- kdmapper
- vm. dont be dumb and run this on ur main box
- open driver.sln
- release x64 (release is recommended)
- build
- driver.sys ends up in x64 release
- move driver.sys and kdmapper.exe to vm
- run as admin
kdmapper.exe driver.sys //or you can just simply drag the driver into kdmapper
- talk to it using the client app
driver/
├── driver.c main entry + ioctl
├── driver.h structs & defs
├── memory.c read write logic
└── communication.c future stuff
IOCTL_READ_MEMORYIOCTL_WRITE_MEMORYIOCTL_GET_PROCESS
names say it all
- buggy drivers = bsod
- test in vm only
- misuse can flag anticheats
- educational. nothing more
discord: @michal.flaska
- BTC:
bc1qr8x3k39mn7sz2l9kyk8j8293xf5spm2wsxymh9